Privacy Policy

In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device's unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.

We use Firebase Analytics to understand how users interact with the Application, including screens visited, features used, and actions taken. This analytics collection is enabled by default and forms part of the service you accept when you create an account, sign in, or otherwise use the Application. The Service Provider relies on its legitimate interest in securing, maintaining, and improving the Application as the legal basis for this processing. You can object at any time by contacting drillrapps@gmail.com, you can stop all collection by uninstalling the Application, and you can limit advertising and analytics identifiers through your device's privacy settings.

When you purchase a subscription, the Application also receives your transaction ID, subscription status, purchase date, renewal date, and the product you purchased. Payment itself (credit card, Apple Pay, Google Pay) is handled entirely by Apple or Google - the Service Provider never sees or stores your payment card details.

This Application does not gather precise information about the location of your mobile device.

The Application includes an optional form-analysis feature that uses on-device motion and body-pose detection built into your phone (such as Apple's Vision framework on iOS) to give you feedback on your exercise technique. All of this analysis runs entirely on your device. No video, image, or body-pose data is sent to the Service Provider or any third party for this feature, and it is not used to identify you. See the section on camera use below for details.

The Application includes an optional form-check feature that uses your device's camera. The camera is accessed only when you choose to start a form check for a supported exercise, and only to record a short clip of you performing that exercise. You can decline or revoke the camera permission at any time in your device settings; the rest of the Application continues to work without it.

The recorded clip is analyzed entirely on your device. The Service Provider does not receive, upload, or store your clip on any server, the clip is not saved to your photo library automatically, and it is not shared with any third party. The Application does not record audio as part of this feature.

If you choose to share a clip using the share option, the Application creates a version with a Drillr watermark and the on-screen form feedback drawn into it, and hands it to your device's standard share sheet. From the moment you select a destination (for example a messaging app, social network, or contact), the clip is governed by that service's or recipient's own terms and privacy policy, not by this Policy, and the Service Provider has no control over how they handle it. Please only share clips of yourself, and do not share clips showing other people without their consent.

The Application uses the information you provide - such as your goals, experience level, body metrics, and injury status - to automatically generate and adapt your personalized training and nutrition plans. This includes selecting drills, adjusting the difficulty of workouts, and calculating calorie and macronutrient targets. This amounts to profiling, but it is the core purpose of the Application that you sign up for, and it does not produce legal or similarly significant effects for you.

The Application does not make solely automated decisions that produce legal effects concerning you. You remain in control: you can change the inputs at any time in Settings, and you can contact the Service Provider at drillrapps@gmail.com with any questions about how your plan is generated.

The Service Provider transmits pseudonymous identifiers (such as a user ID and device identifier) to the external services listed below to authenticate your account, sync your subscription status, collect diagnostic data, and improve the Application. The Service Provider may share your information with third parties in the ways that are described in this privacy statement.

Your account and profile data are stored using Google Firebase (Firebase Authentication and Cloud Firestore), and sign-in with Apple or Google is handled by the respective provider. These providers act as the Service Provider's processors and may store data on servers located outside your country, including in the United States, under appropriate safeguards such as the European Commission's Standard Contractual Clauses.

Please note that the Application utilizes third-party services that have their own Privacy Policy about handling data. Below are the links to the Privacy Policy of the third-party service providers used by the Application:

• https://policies.google.com/privacy
• https://firebase.google.com/policies/analytics
• https://firebase.google.com/support/privacy
• https://expo.dev/privacy
• https://www.revenuecat.com/privacy - subscription management and billing analytics
• https://www.apple.com/legal/privacy/ - for iOS purchases
• https://policies.google.com/privacy - for Android purchases

The Service Provider may disclose User Provided and Automatically Collected Information:

• as required by law, such as to comply with a subpoena, or similar legal process;
• when they believe in good faith that disclosure is necessary to protect their rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
• with their trusted services providers who work on their behalf, do not have an independent use of the information disclosed to them, and have agreed to adhere to the rules set forth in this privacy statement.

You can halt all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. Uninstalling the Application does not automatically cancel a paid subscription - you must cancel through your Apple ID or Google Play account settings.

You can also permanently delete your account and all associated data directly in the Application at any time, under Settings > Delete Account.

The Service Provider will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. The Service Provider will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate. If you'd like the Service Provider to delete User Provided Data that you have provided via the Application, please contact them at drillrapps@gmail.com and they will respond in a reasonable time. Please note that some or all of the User Provided Data may be required in order for the Application to function properly.

You can also delete your account and all associated data yourself at any time within the Application, under Settings > Delete Account, which immediately removes your profile along with your training, weight, effort, and match data from the Service Provider's systems.

The data controller responsible for your personal data is Tomasz Święcki, an independent developer based in Poland, who can be contacted at drillrapps@gmail.com. Given the nature and scale of the processing, the Service Provider is not required to appoint a Data Protection Officer and has not done so; you can send any privacy questions to the same address.

The Service Provider processes your personal data on the following legal bases: to perform the agreement to provide the Application to you; your consent - including your explicit consent for special-category health-related data such as body metrics and injuries, and your consent for marketing messages; and the Service Provider's legitimate interest in operating, securing, and improving the Application.

If you are located in the European Economic Area, the United Kingdom, or a region with comparable laws, you have the rights listed below regarding your personal data. To exercise any of them, contact the Service Provider at drillrapps@gmail.com; you can also edit your profile in the Application or permanently delete your account and data under Settings > Delete Account.

• the right to access the personal data held about you;
• the right to have inaccurate or incomplete data corrected;
• the right to have your data erased (the "right to be forgotten");
• the right to restrict or object to certain processing;
• the right to data portability, that is, to receive your data in a structured, commonly used format;
• the right to withdraw consent at any time, where processing is based on consent;
• the right to lodge a complaint with a supervisory authority - in Poland, the President of the Personal Data Protection Office (Prezes Urzędu Ochrony Danych Osobowych).

The Application is intended for users aged 13 and older. The Service Provider does not knowingly solicit data from or market to children under the age of 13.

In some countries the minimum age for consenting to the processing of personal data is higher than 13 - for example, 16 in Poland and parts of the European Union. The Application is available to users aged 13 and older everywhere. If you are at least 13 but below the digital-consent age in your country, you may use the Application and provide your personal data only with the involvement and consent of a parent or legal guardian, who accepts this Policy on your behalf.

Users who indicate during onboarding that they are under the age of 13 cannot create an account. The Application displays a message that Drillr is for ages 13 and up, and no profile is created on the Service Provider's systems.

A small number of accounts created before this age gate took effect remain on the Service in a legacy Restricted Mode. In Restricted Mode, the Application does not collect personal details such as gender, height, weight, or date of birth. Only an email address is retained for account authentication purposes. No personal data from Restricted Mode users is shared with third parties or used for profiling or marketing.

If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact the Service Provider (drillrapps@gmail.com) so that they will be able to take the necessary actions, including account deletion.

The Service Provider is concerned about safeguarding the confidentiality of your information. The Service Provider provides physical, electronic, and procedural safeguards to protect information they process and maintain. For example, access to this information is limited to authorized employees and contractors who need to know it in order to operate, develop, or improve the Application. Please be aware that, although the Service Provider endeavors to provide reasonable security for information they process and maintain, no security system can prevent all potential security breaches.

This Privacy Policy may be updated from time to time for any reason. The Service Provider will notify you of any changes to the Privacy Policy by updating this page with the new Privacy Policy. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.

By creating an account, signing in, or otherwise using the Application, you acknowledge this Privacy Policy and agree to the Service Provider processing your information as set forth here now and as amended in the future, including the analytics used to operate, secure, and improve the Application. "Processing" means using or handling information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information.

If you have any questions regarding privacy while using the Application, or have questions about the practices, please contact the Service Provider via email at drillrapps@gmail.com.